Search for packages
| purl | pkg:deb/debian/activemq@5.13.2%2Bdfsg-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-brq9-y937-8faz | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The administration web console in Apache ActiveMQ 5.x before 5.11.4, 5.12.x before 5.12.3, and 5.13.x before 5.13.2 allows remote authenticated users to conduct cross-site scripting (XSS) attacks and consequently obtain sensitive information from a Java memory dump via vectors related to creating a queue. |
CVE-2016-0782
GHSA-8rcq-p4gh-vmj8 |
| VCID-pf5e-93cg-guav | Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. |
CVE-2015-5254
GHSA-q9hr-3pg4-3jp4 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T12:48:02.462678+00:00 | Debian Importer | Fixing | VCID-pf5e-93cg-guav | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:44:20.839096+00:00 | Debian Importer | Fixing | VCID-brq9-y937-8faz | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:46:51.958078+00:00 | Debian Importer | Fixing | VCID-pf5e-93cg-guav | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:30:01.818704+00:00 | Debian Importer | Fixing | VCID-brq9-y937-8faz | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-02T17:16:13.204393+00:00 | Debian Importer | Fixing | VCID-pf5e-93cg-guav | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-02T17:05:44.673388+00:00 | Debian Importer | Fixing | VCID-brq9-y937-8faz | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |